Created attachment 347741 [details] copy of dmesg text Description of problem: I am getting an alert from selinux that it is preventing fprint (fprintd_t) "read to / (usbfs_t) it goes on to say that / may be mislabeled. I am using virtualbox 2.2.4 R47978 with a host of Kanotix 32bit and guest of Fedora 11 (I am not sure if this is part of the problem) I tried to print a text file in my /home/wirechief/text/ folder, I used restorecon '/' however it does not stop the alert, the file gets printed anyways. This may not be a Fedora 11 or selinux bug but rather because I am using a VM to use Fedora 11 it is getting some confusion. however I am filing this report for review. I made a fpaste of the details http://fpaste.org/paste/15002 Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. enter a file and select "print" 2. 3. Actual results:selinux issues an alert with the icon appearing on the desktop Expected results: my file to print without errors or warnings. Additional info: uname -a Linux localhost.localdomain 2.6.29.4-167.fc11.i586 #1 SMP Wed May 27 17:14:37 EDT 2009 i686 i686 i386 GNU/Linux my infogash: infobash -v3 0 Host/Kernel/OS "localhost.localdomain" running Linux 2.6.29.4-167.fc11.i586 i386 [ fc11.i586 ] CPU Info Intel Core2 Duo T7300 @ 4096 KB cache flags( sse3 ) clocked at [ 745.107 MHz ] Videocard InnoTek Systemberatung GmbH VirtualBox Graphics Adapter X.Org 1.6.1.901 [ 1256x670 ] Network cards Advanced Micro Devices [AMD] 79c970 [PCnet32 LANCE], at port: c020 Processes 150 | Uptime 2days | Memory 269.0/498.9MB | HDD VBOX HARDDISK Size 21GB (24%used) | GLX Renderer Software Rasterizer | GLX Version Yes | Client Shell | Infobash v3.22 ausearch -m avc -ts today time->Fri Jun 12 17:05:09 2009 type=SYSCALL msg=audit(1244840709.594:23485): arch=40000003 syscall=38 per=400000 success=no exit=-13 a0=bf91fae0 a1=bf91f6d0 a2=804a4c8 a3=bf91fae0 items=0 ppid=6079 pid=7088 auid=500 uid=4 gid=7 euid=4 suid=4 fsuid=4 egid=7 sgid=7 fsgid=7 tty=(none) ses=1 comm="brprintconfij2" exe="/usr/bin/brprintconfij2" subj=unconfined_u:system_r:cupsd_t:s0-s0:c0.c1023 key=(null) type=AVC msg=audit(1244840709.594:23485): avc: denied { write } for pid=7088 comm="brprintconfij2" name="inf" dev=dm-0 ino=181 scontext=unconfined_u:system_r:cupsd_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:usr_t:s0 tclass=dir
The first error you report should be fixed in selinux-policy-3.6.12-45.fc11 yum upgrade selinux-policy-targeted THe second error is a dir which is mislabeled I believe. Where is your Brother software installed? restorecon -R -v /usr/local Should fix it if it installed in /usr/local.
# yum upgrade selinux-policy-targeted Loaded plugins: refresh-packagekit updates/metalink | 12 kB 00:00 Setting up Upgrade Process No Packages marked for Update # restorecon -R -v /usr/local restorecon reset /usr/local/Brother/lpd context unconfined_u:object_r:usr_t:s0->system_u:object_r:bin_t:s0 restorecon reset /usr/local/Brother/inf context unconfined_u:object_r:usr_t:s0->system_u:object_r:cupsd_rw_etc_t:s0 restorecon reset /usr/local/Brother/inf/brMFC420CNrc context unconfined_u:object_r:usr_t:s0->system_u:object_r:cupsd_rw_etc_t:s0 I am now able to print without a selinux error, thank you for your help.